<?php

define('IN_ECS', true);

require(dirname(__FILE__) . '/includes/init.php');
require(ROOT_PATH . 'includes/lib_payment.php');
require(ROOT_PATH . 'includes/lib_order.php');

$cappay = new cappay();
$act = $_GET['act'];
if ($act == 'post_data'){
	$cappay->post_data();
}else{
	echo $cappay->get_code($order, $payment);
}
class cappay
{
    /**
     * 构造函数
     *
     * @access  public
     * @param
     *
     * @return void
     */
    function cappay()
    {
    }

    function __construct()
    {
        $this->cappay();
    }

    /**
     * 生成支付代码
     * @param   array   $order      订单信息
     * @param   array   $payment    支付方式信息
     */
    function get_code($order = array(), $payment = array())
    {
    	$v_mid = '10514';
    	
    	$v_rcvname = '谢欣盈';
    	$v_rcvaddr = '广东广州海珠区世港国际公寓11-1';
    	$v_rcvtel = '18825057067';
    	$v_rcvpost = $v_mid;
    	$v_amount = '1';
    	$v_ymd = date('Ymd');
    	$v_ordername = $v_idname = $v_rcvname;
    	$v_idnumber = '445381199112230022';
    	$v_idaddress = '';
    	$v_userref = '123';
    	$MD5Key = 'dlw888';
    	$v_oid = $v_ymd .'-' . $v_mid . '-' .date('His');
    	$v_merdata5 = $v_oid;
    	
        $def_url  = '<form method=post action="paytest_weixin.php?act=post_data" target="_blank">';
        $def_url .= "<input type= 'hidden' name = 'v_mid'     value= '".$v_mid."'>";     //商户编号
        $def_url .= "<input type= 'hidden' name = 'v_oid'     value= '".$v_oid."'>";         //订单编号
        $def_url .= "<input type= 'hidden' name = 'v_rcvname' value= '".$v_rcvname."'>";     //收货人姓名
        $def_url .= "<input type= 'hidden' name = 'v_rcvaddr' value= '".$v_rcvaddr."'>";     //收货人地址
        $def_url .= "<input type= 'hidden' name = 'v_rcvtel'  value= '".$v_rcvtel."'>";     //收货人电话
        $def_url .= "<input type= 'hidden' name = 'v_rcvpost'  value= '".$v_rcvpost."'>";    //收货人邮编
        $def_url .= "<input type= 'hidden' name = 'v_amount'   value= '".$v_amount."'>";     //订单总金额
        $def_url .= "<input type= 'hidden' name = 'v_ymd'      value= '".$v_ymd."'>";        //订单产生日期
        $def_url .= "<input type= 'hidden' name = 'v_ordername'   value ='".$v_ordername."'>"; //订货人姓名
        $def_url .= "<input type= 'hidden' name = 'v_merdata5' value = '".$v_merdata5."'>";	//产品名称
        $def_url .= "<input type= 'hidden' name = 'v_idname' value = '".$v_idname."'>";
        $def_url .= "<input type= 'hidden' name = 'v_idnumber' value = '".$v_idnumber."'>";
        $def_url .= "<input type= 'hidden' name = 'v_idaddress' value = '".$v_idaddress."'>";
        $def_url .= "<input type= 'hidden' name = 'v_userref' value = '".$v_userref."'>";
        $def_url .= "<input type= 'hidden' name = 'MD5Key' value = '".$MD5Key."'>";
        $def_url .= "<input type='submit' value='提交'>";

        $def_url .= '</form>';

        return $def_url;
    }
    
    function post_data()
    {
    	$v_ymd = $_POST['v_ymd']; //订单产生日期，要求订单日期格式yyyymmdd.
    	$v_mid = $_POST['v_mid'];    //商户编号，和首信签约后获得,测试的商户编号444
    	$v_oid = $_POST['v_oid']; //订单编号。订单编号的格式是yyyymmdd-商户编号-流水号，流水号可以取系统当前时间，也可以取随机数，也可以商户自己定义的订单号，自己定义的订单号必须保证每?次提交，订单号是唯一的??
    	$v_rcvname = $v_mid; //收货人姓名,建议用商户编号代替或者是英文数字。因为首信平台的编号是gb2312的
    	$v_rcvaddr = $_POST['v_rcvaddr']; //收货人地址，可用商户编号代替
    	$v_rcvtel = $_POST['v_rcvtel'];   //收货人电话
    	$v_rcvpost = $_POST['v_rcvpost'];  //收货人邮箱
    	$v_amount = $_POST['v_amount']; //订单金额
    	$v_orderstatus = "1";//配货状态:0-未配齐，1-已配
    	$v_ordername = $_POST['v_ordername'];  //订货人姓名
    	$v_moneytype = "0";  //0为人民币，1为美元，2为欧元，3为英镑，4为日元，5为韩元，6为澳大利亚元，7为卢布(内卡商户币种只能为人民币)
    	$v_url = "http://www.drleawell.com";
    	$v_producttype = urlencode("货物贸易");
    	$v_idtype = "01";
    	$v_idnumber = urlencode($_POST['v_idnumber']);
    	$v_idname = urlencode($_POST['v_idname']);
    	$v_idcountry = "156";
    	$v_idaddress = urlencode($_POST['v_idaddress']);
    	$v_userref = urlencode($_POST['v_userref']);
    	$v_ordip = '119.29.141.135';
    	$v_merdata5 = urlencode($_POST['v_merdata5']);
    	
    	$MD5Key = $_POST['MD5Key'];//商户的密钥
    	$data = $v_moneytype.$v_ymd.$v_amount.$v_rcvname.$v_oid.$v_mid.$v_url;//七个参数的拼串
    	$v_md5info = $this->hmac_md5($MD5Key, $data);
    	
    	$curlPost = '';
    	$url = "http://pay.yizhifubj.com/customer/otherpay/scanCodePay.jsp";
    	$curlPost.="v_mid=".$v_mid;
    	$curlPost.="&v_oid=".$v_oid;
    	$curlPost.="&v_rcvname=".$v_rcvname;
    	$curlPost.="&v_rcvaddr=".$v_rcvaddr;
    	$curlPost.="&v_rcvtel=".$v_rcvtel;
    	$curlPost.="&v_rcvpost=".$v_rcvpost;
    	$curlPost.="&v_amount=".$v_amount;
    	$curlPost.="&v_ymd=".$v_ymd;
    	$curlPost.="&v_orderstatus=".$v_orderstatus;
    	$curlPost.="&v_ordername=".$v_ordername;
    	$curlPost.="&v_moneytype=".$v_moneytype;
    	$curlPost.="&v_url=".$v_url;
    	$curlPost.="&v_ordip=".$v_ordip;
    	$curlPost.="&v_md5info=".$v_md5info;
    	$curlPost.="&v_merdata5=".$v_merdata5;
    	$curlPost.="&v_producttype=".$v_producttype;
    	$curlPost.="&v_idtype=".$v_idtype;
    	$curlPost.="&v_idnumber=".$v_idnumber;
    	$curlPost.="&v_idname=".$v_idname;
    	$curlPost.="&v_idcountry=".$v_idcountry;
    	$curlPost.="&v_idaddress=".$v_idaddress;
    	$curlPost.="&v_userref=".$v_userref;
//     	echo $curlPost;
    	
    	$ch=curl_init();
    	curl_setopt($ch, CURLOPT_URL, $url);
    	curl_setopt($ch, CURLOPT_POST, 1);
    	curl_setopt($ch, CURLOPT_POSTFIELDS, $curlPost);
    	curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    	curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
    	curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
    	$back_date=trim(curl_exec($ch));
    	curl_close($ch);
    	$xml = simplexml_load_string($back_date);
    	var_dump($xml);
    	$codeurl=$xml->codeurl;
    	$bankurl=$xml->bankurl;
    	
    	$pic = file_get_contents($bankurl);
    	$filename = ROOT_PATH.'images/qrcode/'.$v_oid.'.jpg';echo $filename;
    	if(file_put_contents( $filename,$pic)){
    		$filename = str_replace(ROOT_PATH,'',$filename);
    		$rand=rand(00000,99999);
			echo '<img src="'.$filename.'?num='.$rand.'">';
    	}
    		
    }

    /**
     * 响应操作
     */

    function respond()
    {
        $payment    = get_payment(basename(__FILE__, '.php'));
        $v_tempdate = explode('-', $_REQUEST['v_oid']);

        //接受返回数据验证开始
        //v_md5info验证
        $md5info_paramet = $_REQUEST['v_oid'].$_REQUEST['v_pstatus'].$_REQUEST['v_pstring'].$_REQUEST['v_pmode'];
        $md5info_tem     = $this->hmac_md5($payment['cappay_key'],$md5info_paramet);

        //v_md5money验证
        $md5money_paramet = $_REQUEST['v_amount'].$_REQUEST['v_moneytype'];
        $md5money_tem     = $this->hmac_md5($payment['cappay_key'],$md5money_paramet);
        if ($md5info_tem == $_REQUEST['v_md5info'] && $md5money_tem == $_REQUEST['v_md5money'])
        {
            //改变订单状态
//             order_paid($v_tempdate[2]);

            return true;
         }
         else
         {
            return false;
         }

    }
    function hmac_md5($key, $data)
    {
//         if (extension_loaded('mhash'))
//         {
//             return bin2hex(mhash(MHASH_MD5, $data, $key));
//         }

        // RFC 2104 HMAC implementation for php. Hacked by Lance Rushing
        $b = 64;
        if (strlen($key) > $b)
        {
            $key = pack('H*', md5($key));
        }
        $key  = str_pad($key, $b, chr(0x00));
        $ipad = str_pad('', $b, chr(0x36));
        $opad = str_pad('', $b, chr(0x5c));

        $k_ipad = $key ^ $ipad;
        $k_opad = $key ^ $opad;

        return md5($k_opad . pack('H*', md5($k_ipad . $data)));
    }
    

}

?>